Home page logo
/

basics logo Security Basics mailing list archives

Re: Removing ping/icmp from a network
From: krymson () gmail com
Date: 2 Apr 2008 16:02:43 -0000

ICMP can be used as a covert channel as well. A bit exotic, but increasingly within the realm of possibility depending 
on how secure you need to be.

I do believe there still exists the case of attacking TCP connections using ICMP as well. Google the tool icmp-reset.


<- snip ->
As a matter of interest, does anyone know of an ICMP exploits besides
DoS? If there are none, then the whole problem is moot. As I
understand it ICMP is an integral part of the TCP stack and as such
the code will be there whether you block ICMP or not, so short of
having a buggy TCP stack it shouldn't increase exposure much if at
all.

Well, Ping of Death comes to mind, but that issue has been fixed ages
ago.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]